Overview

overview

7

Static

static

3

ALGOI-la t...sl.exe

windows7-x64

7

ALGOI-la t...sl.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ALGOI-la tabla de cálculos.xlsl.exe

  • Size

    944KB

  • Sample

    240629-hts6hawdnk

  • MD5

    062aa320e3c137b1cbf7a95de8c06b6a

  • SHA1

    7c342989469b31b75a26bcac6736483bf33aab43

  • SHA256

    e4d52884a348b211ebaab9018b286c9f7023abc349f229cc63fea89b5341341e

  • SHA512

    6de14698f531b010efc86bdf4a180d80231a5e0938710f4f55887d383a41de7656efb91799b35d36e8bff8dfe836e90ee832de798a3fd6e64718c759f8945181

  • SSDEEP

    24576:y4MpPUeaHyRhYmK4vjOUu60o2Eflyw6/t:wMjeMcuK2Efllm

Score
7/10

Malware Config

Targets

    • Target

      ALGOI-la tabla de cálculos.xlsl.exe

    • Size

      944KB

    • MD5

      062aa320e3c137b1cbf7a95de8c06b6a

    • SHA1

      7c342989469b31b75a26bcac6736483bf33aab43

    • SHA256

      e4d52884a348b211ebaab9018b286c9f7023abc349f229cc63fea89b5341341e

    • SHA512

      6de14698f531b010efc86bdf4a180d80231a5e0938710f4f55887d383a41de7656efb91799b35d36e8bff8dfe836e90ee832de798a3fd6e64718c759f8945181

    • SSDEEP

      24576:y4MpPUeaHyRhYmK4vjOUu60o2Eflyw6/t:wMjeMcuK2Efllm

    Score
    7/10

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      a436db0c473a087eb61ff5c53c34ba27

    • SHA1

      65ea67e424e75f5065132b539c8b2eda88aa0506

    • SHA256

      75ed40311875312617d6711baed0be29fcaee71031ca27a8d308a72b15a51e49

    • SHA512

      908f46a855480af6eacb2fb64de0e60b1e04bbb10b23992e2cf38a4cbebdcd7d3928c4c022d7ad9f7479265a8f426b93eef580afec95570e654c360d62f5e08d

    • SSDEEP

      192:aVL7iZJX76BisO7+UZEw+Rl59pV8ghsVJ39dx8T:d7NsOpZsfLMJ39e

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      14f5984b926208de2aafb55dd9971d4a

    • SHA1

      e5afe0b80568135d3e259c73f93947d758a7b980

    • SHA256

      030bcfa82e3bb424835a5fa53a3ff17ab08557d3bbeea4815313036fc4bdafe1

    • SHA512

      e9ec97dd57ead871789d49ed38d9fde5f31d3cb2547810cae49a736e06b9f9b28cf8efea825eb83c3e07d880ee798abfb9069c6957416d5973c83e4531814e27

    • SSDEEP

      96:k7GUaYNwCLuGFctpiKFlYJ8hH4RVHpwdEeY3kRlDr6dMqqyVgNJ38:Wygp3FcHi0xhYMR8dMqJVgN

    Score
    3/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks